Editor: Allow all domain in iframes insertion if setting to allow iframe is true in HTMLPurifier filter - refs BT#22175 BT#22102

Author: NicoDucou

src/Chamilo/CoreBundle/Component/HTMLPurifier/Filter/AllowIframes.php

@@ -59,24 +59,16 @@ protected function postFilterCallback($matches)
         // Domain Whitelist
         $hostName = [];
         preg_match('#https?://(.*)#i', api_get_path(WEB_PATH), $hostName);
+        $extra = ' frameborder="0"';
 
         $youTubeMatch = preg_match('#src="(https:)?//www.youtube(-nocookie)?.com/#i', $matches[1]);
         $vimeoMatch = preg_match('#://player.vimeo.com/#i', $matches[1]);
-        $googleMapsMatch = preg_match('#src="https://maps.google.com/#i', $matches[1]);
-        $slideShare = preg_match('#src="(https?:)?//www.slideshare.net/#', $matches[1]);
-        $platformDomain = preg_match('#src="https?://(.+\.)?'.$hostName[1].'#i', $matches[1]);
 
-        if ($youTubeMatch || $vimeoMatch || $googleMapsMatch || $slideShare || $platformDomain) {
-            $extra = ' frameborder="0"';
-            if ($youTubeMatch) {
-                $extra .= ' allowfullscreen';
-            } elseif ($vimeoMatch) {
-                $extra .= ' webkitAllowFullScreen mozallowfullscreen allowFullScreen';
-            }
-
-            return '<iframe '.$matches[1].$extra.'></iframe>';
-        } else {
-            return '';
+        if ($youTubeMatch) {
+            $extra .= ' allowfullscreen';
+        } elseif ($vimeoMatch) {
+            $extra .= ' webkitAllowFullScreen mozallowfullscreen allowFullScreen';
         }
+        return '<iframe '.$matches[1].$extra.'></iframe>';
     }
 }